moniacheli@xxxxxxxxxx wrote: >I think I could use these commands: > >iptables -t mangle -A OUTPUT -p udp --dport 514 -j MARK --set-mark 13 >iptables -t nat -A POSTROUTING -- mark 13 -SNAT x.x.x.x > >I tried, but I had this problem on first command: >"Couldn't load match `MARK':/lib//iptables/libipt_MARK.so: cannot open >shared object file: No such file or directory" > >Are the commands above rigth and is it sufficient to copy libipt_MARK. >so into :/lib//iptables/ directory to solve my problem? > >Thanks a lot to Alexandru Dragoi > >Bye Monia > >----Messaggio originale---- >Da: alex@xxxxxxxxxx >Data: 16/05/2006 13.00 >A: "moniacheli@xxxxxxxxxx"<moniacheli@xxxxxxxxxx> >Cc: <netfilter@xxxxxxxxxxxxxxxxxxx> >Ogg: Re: Iptables SNAT for pkt generated by internal process > >moniacheli@xxxxxxxxxx wrote: > > > >>I would like to use iptables to translate the source of IP datagrams >>generated inside a router for some particular applications (such as >>syslog: protocol UDP, destination port 514). I thought to use an >>iptables rule defined by an OUTPUT chain (which let manipulate >> >> >datagram > > >>generated from local process) and by the target SNAT (which let to >>translate ip source) -> iptables -t nat -A OUTPUT -p udp --dport 514 - >> >> >j > > >>SNAT --to x.x.x.x. The problem is that the OUTPUT chain cannot be >> >> >used > > >>with the target SNAT! >>Has anybody any idea about which is the best and simplest way to get >>the result described above? >> >>Thanks for Your collaboration. >>Monia Cheli >> >> >> >> >> >>Tiscali ADSL 4 Mega Flat >> >>Naviga senza limiti a 19,95 Euro al mese con 4 Megabps di velocita'. >> >> >Attiva subito: hai 2 MESI di canone adsl GRATIS! > > >>In piu', se sei raggiunto dalla rete Tiscali, telefoni senza pagare >> >> >il canone Telecom. > > >>Scopri subito come risparmiare! >> >>http://abbonati.tiscali.it/prodotti/adsl/tc/4flat/ >> >> >> >> >> >> >You do SNAT in POSTROUTING. Local generated packets also enter >POSTROUTING. You may want to match source ip or .. you can mark >packets >in mangle OUTPUT, and then SNAT in POSTROUTING matching only the mark >value with mark match. > > > > > > > > > >Tiscali ADSL 4 Mega Flat > >Naviga senza limiti a 19,95 Euro al mese con 4 Megabps di velocita'. Attiva subito: hai 2 MESI di canone adsl GRATIS! > >In piu', se sei raggiunto dalla rete Tiscali, telefoni senza pagare il canone Telecom. > >Scopri subito come risparmiare! > >http://abbonati.tiscali.it/prodotti/adsl/tc/4flat/ > > > > Try iptables -t nat -A POSTROUTING -m mark --mark 13 -SNAT x.x.x.x
